Increasing threat situation - KRITIS and NIS-2 as a response
Europe-wide and globally networked processes, as well as the increasing digitalisation of all areas of life and the economy, mean a greater susceptibility to external factors which are frequently beyond our control. This development has made the situation in relation to cyber threats more acute, which has led to new challenges that require a coordinated and innovative response in all EU member states. The number, scope, complexity, frequency and impact of incidents are increasing and pose a considerable threat to the smooth running of businesses and facilities. The EU NIS-2 Directive (formerly NIS Directive of 2016), which came into force in 2023, sets out the minimum cybersecurity standards in the European Union. The aim is to strengthen resilience and cybersecurity measures in the critical sectors (KRITIS sectors).
Resilience (resistivity) generally refers to the ability to protect against, react to and recover from disruptions, attacks or other unexpected events without lasting adverse effects, and to adapt to changing conditions. The focus here is mainly on security incidents in the network or information systems, and also on the physical security of the infrastructure of these systems and on personnel security.
Who is affected?
Digitalisation increases cyber threat vulnerability. The EU NIS-2 Directive sets out minimum cybersecurity standards to strengthen the resilience of critical sectors. In Germany, this affects around 30,000 facilities.
But what are the "application ranges" and "who actually belongs to critical infrastructure"?
The BSI Act (BSIG) and the BSI Critical Infrastructure Regulation (BSI-KritisV) provide the answer by defining the nine KRITIS sectors. Furthermore, the facilities are defined by the "Law on implementation of the NIS-2 Directive and on regulating the main features of the information security management in the federal administration" ("law on implementation of the NIS-2 Directive") as announced in the German Federal Law Gazette on 05 December 2025. As a consequence, companies and other organisations are classified as operators and as facility/facilities in three categories:
- Operators of critical infrastructures (KRITIS operators)
- Particularly important facilities
- Important facilities
Furthermore, special cases and facilities of the federal administration exist.
Who must take action?
Your company, like other affected organisations, belongs to this category if you are an operator of "critical infrastructure", that is, of facilities, systems or parts thereof in the sectors listed below (KRITIS sectors). These facilities or systems are very important for the functioning of the community because, if they did not exist or were restricted, this could lead to significant supply bottlenecks or pose major hazards to public safety. In addition to the standard threshold value of 500,000 inhabitants to be supplied, further quantitative and qualitative criteria can also be taken into consideration.
This means for your company as operator that the following security measures arise from the Act to implement the NIS-2 Directive:
• IT security
• Reporting obligation and
• Systems for attack detection
KRITIS Umbrella Act (KRITIS-DachG*): Resilience
| Classification | Facilities | Threshold values |
|---|---|---|
| Operators of critical infrastructures (KRITIS) | Someone who carries out critical services to meet the demands of the general public. | Inhabitants to be supplied: ≥ 500,000 |
Your company, or another affected organisation or facility, falls into this category if it has at least 250 employees or an annual turnover of > €50 m and an annual balance sheet total of > €43 m, offers goods or services and belongs to one of the sectors listed below.
This means for your company as facility/facilities that the following security measures arise from the implementation of the NIS-2 Directive:
• IT security
• Reporting obligation
| Classification | Facilities | Threshold values |
|---|---|---|
| Facilities of major importance (companies and other organisations) | | Number of employees: ≥ 250 or Turnover: €50 m Balance: €43 m |
| | | Number of employees: ≥ 50 or Turnover: €10 m Balance: €10 m |
| | | Without threshold values |
Important facilities are companies as well as other concerned organisations or facility/facilities that fall into the categories listed below and meet the specified thresholds.
This means for companies and facility/facilities that the following security measures arise from the implementation of the NIS-2 Directive:
• IT security
• Reporting obligation
| Classification | Facilities | Threshold values |
|---|---|---|
| Important facilities (companies and other organisations) | | Number of employees: ≥ 50 or Turnover: €10 m Balance: €10 m |
| | | Number of employees: < 50 and Turnover: ≤ €10 m or Balance: ≤ €10 m |
| | | Without threshold values |
Technical and organisational measures
With the KRITIS Umbrella Act and the EU NIS-2 Directive, it is no longer only the previously known operators of critical infrastructures that are required to implement organisational and technical security measures. Companies, organisations and facilities that previously gave little or no thought to cybersecurity or risk management are now in the spotlight as well. As stated at the outset, around 30,000 companies and facilities in Germany are now subject to the provisions of the KRITIS Umbrella Act and the NIS-2 Directive.
This increases the importance of systems and solutions that help companies and facilities meet the requirements of the KRITIS Umbrella Act and the NIS-2 Directive and implement them efficiently. This is exactly where the manufacturer-neutral and scalable physical security information management system GEMOS from BKS comes into play.
GEMOS physical security information management system (PSIM)
As an advanced physical security information system, GEMOS is more than just a technical measure for pooling information. It is a central risk management system that brings central monitoring, processing and visualisation of extensive security and building information from a wide range of areas and systems together.
In short: GEMOS is a manufacturer-neutral system that combines, visualises and processes security information from a wide range of sectors.
Perfect organisation using modules and interfaces
GEMOS carries out manufacturer-neutral pooling and integration (messages and instructions) of various physical security and information systems (GEMOS interfaces). With more than 900 existing interfaces and GEMOS’s open architecture, a wide range of systems from many different providers can already be integrated into GEMOS.
Here are some examples:
- Fire detector and fire extinguishing systems
- Video management systems
- Intrusion detection systems
- Perimeter systems
- Escape door control systems
- Alarm receiving systems
- Transmission systems
- Communication systems
- Personal emergency signalling systems
- Voice alarm systems
- Key management systems
- Building automation systems and technical systems (e.g. IT systems) using standard protocols such as BACnet, DALI, EIB/KNX, ESPA, Modbus, OPC, SNMP
Many modules support the organisation and efficient use of GEMOS. GEMOS therefore offers solutions for almost any task.
Security Incident Management with GEMOS
With a GEMOS system, all security information and events (such as faults, alarms and other statuses) of all integrated physical security and information systems (GEMOS interfaces) are monitored, detected and presented in such a manner that everything can be clearly understood. The GEMOS system is administered centrally so you can respond directly to security incidents. The decisive advantage of GEMOS is that the system integrates different systems from various manufacturers into a single interface and enables centralised organisation of measures across all manufacturers. Here are some examples of different systems that GEMOS can map and consolidate:
These systems can analyse live images and detect security incidents immediately. Whether monitoring runs automatically or is controlled manually by the operator, GEMOS can immediately trigger the pan-tilt-zoom (PTZ) control of the alarm camera, connect live images from the periphery camera and start recordings, thereby generating archive images. Intervention personnel can be systematically deployed via the communication systems in response to detected incidents. Furthermore, GEMOS enables alarms, faults or info messages from other physical security and information systems to be connected by activating images which are linked to the alarms.
These systems prevent unauthorised access and physical security violations, and detect such events as they occur. Video surveillance cameras can be connected and integrated into GEMOS, which significantly improves the monitoring of security incidents and the ability to respond to them. This also includes the visual representation of arming and disarming of areas and sub-areas in the floor plan, especially in the event of an alarm. The activation and deactivation of sensors and detectors can also be monitored and documented.
These systems detect fire in the early stages, prevent propagation and therefore minimise the potential risks. Selected intervention measures, alerting of emergency personnel, automatic provision of fire-brigade route maps and possible activation of key management systems are smoothly coordinated through their integration into GEMOS in order to respond efficiently to security incidents. Deactivation and activation operations can be time-controlled and carried out manually, including an indication of need and verification by the operator.
The transmission of alarm, sabotage, raid, fault, arming/disarming messages for example, as well as maintenance and information messages from external facilities and their hazard detection systems via communication networks, form the core element of an alarm receiving system. The triggering objects can be visually displayed in the floor plan and controlled by selecting preset intervention measures in GEMOS. Measures can be time-dependent and linked to categories to ensure a fast effective response to security incidents.
In addition to the physical protection of critical infrastructures, protection and security of personnel is a major part of the NIS-2 Directive, especially in relation to physical and security-related threats. Automatic triggering of emergency calls by motion or position sensors, as well as manual triggering of the emergency call system via panic buttons or mobile alarm devices, is monitored so that security incidents can be quickly detected. Localisation functions can be used in combination with GEMOS for display in the floor plan, so that targeted intervention measures can be implemented effectively.
The statuses of these systems and facilities, such as temperature, pressure, rotational speed, speed, fill level, meter reading and flap and valve settings, are monitored in GEMOS. This information can be categorised as alarm, pre-alarm, fault, maintenance or info messages, for example. GEMOS visualises critical events as digital or analogue values in the floor plan and allows several threshold ranges to be defined, accompanied by a graphic representation, to facilitate accurate detection and monitoring so that these events can be responded to in good time.
Control access
Physical barriers such as fences, gates and security airlocks prevent unauthorised entry, but what about control of access to and within the building and internal areas? Here, an access control system such as the BKS-specific GEMOS access monitors and controls the access to critical infrastructures. With this system:
- Access can be restricted to authorised personnel by defining physical zones and time frames, mapping access rights and using security passes
- Further typical functions of an access control system can be implemented with the "Dynamic Rights", including bag checks, repeat access block (anti-passback), access sequence control, reporting system, multiple person presence check and exclusion for a specific period of time following multiple failed attempts with two-factor authentication.
- When this system is integrated into GEMOS and linked to video surveillance cameras with the option of activating lockdown scenarios, this greatly enhances the ability to respond when security incidents occur.
- Direct control of security airlocks, controlled physical access systems, swing and revolving doors and access gates is possible.